Keeping encryption/decryption keys secret is an important part of any secure computing system. For example, when a computing device or other media is shipped/downloaded to a customer, some or all of the content may be encrypted, and thus need to be decrypted with the appropriate key to be useful. If an attacker is able to exploit a vulnerability and obtain the key, the attacker has access to that content.
Simply fixing the vulnerability in a new software version does not solve the problem. For example, an attacker can take a snapshot of the old version that has the vulnerability and then reload that version, or the corresponding part thereof, to recreate the vulnerability. Any new keys that the old version can access can be revealed even after a device is changed to the new version.